• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

How to add a CentOS to an existent pfSense openvpn configuration

Scheduled Pinned Locked Moved OpenVPN
6 Posts 3 Posters 1.9k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • A
    agrozdanov
    last edited by Jun 28, 2017, 2:04 AM

    Good evening,

    I wasn't able to find a related post even though I thought it is very common case.
    I apologize if I skipped some and I am repeating an issue.

    I have an existent openvpn- server configuration which is working fine up to now with my windows 8.1 desktop and iphone clients (actually after the last pfSense- update the openvpn- clients I have generated are not able to be installed anymore on Windows - it is giving a weird error, but I guess I will ask for this issue another time).

    I would like to connect my centos server as a client to my openvpn- server.

    Can you, please help out?

    Thank you and Best Regards,

    Asen

    1 Reply Last reply Reply Quote 0
    • J
      jimp Rebel Alliance Developer Netgate
      last edited by Jun 28, 2017, 3:11 PM

      Use the export package and export an inline configuration using the "Others" button and that should work fine being passed to openvpn directly at a command line.

      I'm not sure what, if anything, CentOS does special for OpenVPN so if you want to do that in a way which integrates better with CentOS you may have to manually enter configuration parameters somewhere inside CentOS.

      Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

      Need help fast? Netgate Global Support!

      Do not Chat/PM for help!

      1 Reply Last reply Reply Quote 0
      • W
        whosmatt
        last edited by Jun 30, 2017, 2:10 AM Jun 30, 2017, 2:04 AM

        It's been a while since I've done this, but I think this applies to CentOS 6 and probably 7 as well.

        First, download the inline config from the pfSense client export package.

        1.        Install openvpn from the repos.

        2.      Copy the downloaded file to /etc/openvpn

        3.      Change the .ovpn extension to .conf

        4.      Set permissions to 0400 and verify ownership is root:root

        5.      Set the openvpn service to start at boot (chkconfig openvpn on)

        6.      Start openvpn.

        7.      Verify connectivity with iperf by looking for the tun0 adapter with IP address assigned by the OpenVPN server.

        These were instructions I supplied for an environment where we are using pfSense as an OpenVPN server with CentOS 6 and RHEL6 servers as clients.  The permissions settings aren't strictly necessary, but it's to prevent any non-root users from nabbing the certificates / keys contained in the config file.

        1 Reply Last reply Reply Quote 0
        • A
          agrozdanov
          last edited by Jun 30, 2017, 1:34 PM

          Thank you very much whosmatt!

          Procedure:

          sudo yum install epel-release
          sudo yum install openvpn easy-rsa -y
          Create from Inline Configuration -> Others
          sudo cp file.ovpn /etc/openvpn/file.conf
          sudo openvpn –config /etc/openvpn/file.conf

          It is working perfectly now.

          Best Regards,

          agrozdanov

          1 Reply Last reply Reply Quote 0
          • W
            whosmatt
            last edited by Jun 30, 2017, 11:39 PM

            For what it's worth, if you start openvpn with the included init script ('service openvpn start') it will automatically connect to any client configuration with a .conf extension in /etc/openvpn.  Otherwise you can just specify any config file on the command line, as you did.  No need to rename the file or place in /etc/openvpn in the latter case.

            1 Reply Last reply Reply Quote 0
            • A
              agrozdanov
              last edited by Jul 3, 2017, 6:59 PM

              Hi whosmatt,
              Thank you very much for the help!
              Actually the CentOS server is one of my openvpn- clients since  it is behind firewall I have no control on.
              I have used  sudo systemctl enable openvpn@pfSense-TCP… and it is working perfect. I am using TCP since it is thru ssh- tunnel.
              I rebooted it several times and it is starting automatically after the start of my kvm. I am actually thinking to change the kvm with oVirt. Do you have any experience with it?
              Best Regards,
              agrozdanov

              1 Reply Last reply Reply Quote 0
              6 out of 6
              • First post
                6/6
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
                This community forum collects and processes your personal information.
                consent.not_received